February 12, 2026

Tugboat Changelog

v2.26.6

In This Release...

  • Beefed up our Content-Security-Policy headers with additional directives, further hardening the dashboard against cross-site scripting and injection attacks.
  • Fixed a bug where closing a window could knock out real-time updates for all your connected browser tabs. If you ever noticed service states going stale and had to do a full page refresh — that was this guy. Squashed!
  • Added logging for successful and failed login and logout events to improve authentication auditing and security visibility.
  • Added Subresource Integrity (SRI) hashes to externally-hosted stylesheets, so your browser can verify they haven't been tampered with before loading them.

Recent Releases

v2.26.20
May 13, 2026
Project creation can now be restricted to admins only, plus dependency updates across the stack.
v2.26.19
May 4, 2026
Fixed browser notification prompts and improved preview list layout for long usernames. Better UX all around!
v2.26.18
April 28, 2026
Improved release notes handling, dependency updates, added vulnerability audits to security CI, and enhanced testing coverage.
v2.26.17
April 21, 2026
Security patch for fastify, legacy config cleanup, dependency updates, and Bitbucket API token authentication support added.
v2.26.16
April 15, 2026
Updated API calls for Bitbucket user repositories.
View All

Have questions about Tugboat?

Want to learn more about Tugboat and whether it’s the right fit for your team’s needs? Drop us a line. We’d love to chat!

Contact Us
Support
Check out our documentation
Join us on Slack
File a support ticket
Browse our repositories
Tugboat status
Legal
PrivacyTermsCode of ConductAccessibility Statement
Newsletter

Get monthly updates with articles, new features, and case studies.

Subscribe to the Tugboat Newsletter
"Tugboat" is a registered trademark of Tugboat QA, LLC.
Follow us: